Avoiding Keystroke Loggers
Spyware is a term applied to software applications that log a user's data and reports the information back to the program's creator. The effects it has ranges widely from annoying pop-up ads to more dangerous security breaches such as browser hijacking and the installation of backdoors which can leave a user exposed to hacking attacks and identity theft.
Malicious coders use a number of ways to install spyware. One of the most common ways involves ad-based software in which a user is enticed to download it for free. Other sources of infection include IM (instant messaging), peer-to-peer programs, download manager utilities, online games and pornographic web sites. The Microsoft Internet Explorer web browser has also been known to be rather vulnerable against spyware and many other exploits. All of these methods can be used to install one of the most dangerous types of spyware, the keystroke logger.
What are Keystroke Loggers?
A keystroke logger, more commonly termed as a keylogger, is a program or device used to track a victim's activity online. Like most types of spyware, a keystroke logger typically logs a user's information and then reports it back to the originator. These logs can be easily used to collect usernames, credit card details, bank account numbers and other sensitive information.
Although keystroke loggers have been existence for some time, the growing problem of spyware has warranted a renewed level of concern. Considering how easy it is to be compromised, all internet users need to be aware of this detrimental infection.
Types of keystroke loggers
Hardware loggers - small inline devices that are typically inserted between a keyboard and computer. The small size enables them to go undetected for extended periods of time, although physical access to the machine is required. These devices have the ability to capture numerous keystrokes including email usernames, passwords and bank account numbers.
Hooking Mechanisms - this type of logging is achieved by software using "SetWindowsHookEx", a function in Windows operating systems that monitors keystrokes. It usually comes packaged as an EXE. (executable) file which initiates the hook function, along with a DLL. (Dynamic Link Library) file which handles logging functions.
Kernel/driver loggers - this type of keystroke logger is at the kernel level of the operating system and receives information directly from an input device, which is typically a keyboard.
It replaces the core application for interpreting a user's keystrokes and can be programmed in a way that makes it nearly undetectable as it is executed on a system boot before user-level applications are initiated.
Protecting your Information
It is very essential to carefully monitor the sites you visit on the web and the programs you download from the internet. One wrong move and your computer can be easily compromised with spyware and other nasty infections.
Here are a few tips to keep you safe against keystroke loggers:
• remain cautious of spam emails
• never open a file attached to a spam email
• never click "OK" on a pop-up window without carefully reading it first
• implement a firewall component to prevent unauthorized access to your computer
• frequently run a full system scan of your computer with quality security software
As spyware becomes more prevalent, experts suggest that the best protection comes with installing anti-spyware software. This type of program will not only detect, but destroy keystroke logger applications and other popular forms of spyware.